[6.0] 63db35d03 req_fsm: Ensure failed sub-requests reach transmit

Dridi Boukelmoune dridi.boukelmoune at gmail.com
Tue Nov 21 06:57:06 UTC 2023 

commit 63db35d03defee2f0c2e4d553ba45dd536f2d25d
Author: Dridi Boukelmoune <dridi.boukelmoune at gmail.com>
Date:   Tue Nov 21 07:12:11 2023 +0100

    req_fsm: Ensure failed sub-requests reach transmit
    
    A VCL failure on the client side transitions to vcl_synth, except
    failures from vcl_synth that lead to minimal errors. The ESI transport
    is not allowed to reply with minimal responses so this would lead to a
    panic.
    
    On top of that, the vcl_req_reset feature flag emulates `return (fail)`
    statements when an HTTP/2 client disconnected, resulting in the same
    panic scenario.
    
    For sub-requests, we masquerade the fail transition as a deliver and
    trade the illegal minimal response for the synthetic response.
    
    Fixes #4022
    
    Conflicts:
            bin/varnishd/cache/cache_req_fsm.c

diff --git a/bin/varnishd/cache/cache_req_fsm.c b/bin/varnishd/cache/cache_req_fsm.c
index b09484304..43d3e6d68 100644
--- a/bin/varnishd/cache/cache_req_fsm.c
+++ b/bin/varnishd/cache/cache_req_fsm.c
@@ -315,7 +315,11 @@ cnt_synth(struct worker *wrk, struct req *req)
 
 	VSLb_ts_req(req, "Process", W_TIM_real(wrk));
 
-	if (wrk->handling == VCL_RET_FAIL) {
+	while (wrk->handling == VCL_RET_FAIL) {
+		if (req->esi_level > 0) {
+			wrk->handling = VCL_RET_DELIVER;
+			break;
+		}
 		VSB_destroy(&synth_body);
 		req->doclose = SC_VCL_FAILURE;
 		VSLb_ts_req(req, "Resp", W_TIM_real(wrk));
diff --git a/bin/varnishtest/tests/e00037.vtc b/bin/varnishtest/tests/e00037.vtc
new file mode 100644
index 000000000..bfb1354e5
--- /dev/null
+++ b/bin/varnishtest/tests/e00037.vtc
@@ -0,0 +1,28 @@
+varnishtest "Double fail ESI sub request"
+
+server s1 {
+	rxreq
+	txresp -body {<esi:include src="/inc"/>}
+} -start
+
+varnish v1 -vcl+backend {
+	sub vcl_backend_response {
+		set beresp.do_esi = true;
+	}
+
+	sub vcl_recv {
+		if (req.esi_level > 0) {
+			return (fail);
+		}
+	}
+
+	sub vcl_synth {
+		return (fail);
+	}
+} -start
+
+client c1 {
+	non_fatal
+	txreq
+	rxresp
+} -run

More information about the varnish-commit mailing list